Pay or Lose Everything: the Rise of Ransomware

Recently, businesses, governments, and universities have been finding their information locked down under an ultimatum: pay up or lose your information forever. A familiar tactic in a new age, this is a virus aptly named ransomware, and it is on the rise nationwide.

Ransomware began with the Trojan horse program CryptoLocker. Spreading through infected e-mails, CryptoLocker made a victim’s files—texts, videos, photos, spreadsheets, and more—encrypted and unusable. In its final act, CryptoLocker informed the victim that their information would stay encrypted forever unless a ransom was paid within a set time frame. Though the original CryptoLocker program was eventually isolated in 2014 after extorting an estimated $3 million, similar programs continue to circulate, many still using the CryptoLocker name and extorting millions more.

As cyber criminals are almost always international entities, local or state police can do little to trace the activity. The cases go to regional Homeland Security offices.

“A year ago we used to get a call a month from someone being phished or scammed. Now we get it every day,” explained Jerry Becker, Clare County Emergency Management and Homeland Security Division Director.

Ransomware traditionally targeted businesses, though it has also begun to affect educational institutions, where enormous amounts of data, as well as student and faculty identities and financial information, are at stake. A recent Homeland Security report stated, “A government or education network is four times more likely to be infected with CryptoLocker ransomware compared to other entities.”

Ransomware and many other hacking tactics usually begin with social engineering, the process of using a victim’s personal or professional information to insert an infectious email or begin a scam. Social engineering often begins around a “watering hole.”

“A watering hole in cyber is social; it’s Facebook, LinkedIn, Pinterest – sites where [hackers] can hang out and watch people’s activity,” said Becker. “It’s also a good place to drop in malware.”

A user might receive a friend request or a video link through the site and click on it, not realizing it contains a hacker’s virus. The virus, CryptoLocker, or another harmful program, can then infect the entire network through a workplace computer or a university’s computer lab. “All it takes is one click.”

To guard against ransomware, Becker recommends maintaining good cyber hygiene—keeping software, browsers, and plug-ins up-to-date, installing cyber security programs and firewalls, and staying away from unknown attachments or vulnerable websites. Most of all, back up all information every day.

“If you’ve been hacked, if you get ransomware, you just learned a lesson. If you did good back-ups, you’ll be able to recover,” said Becker. “We never encourage anyone to pay the ransom. If you pay, there’s no guarantee you’re getting your data back.”

To learn more about good cyber hygiene at home, at school, and at the office, visit the Department of Homeland Security’s “Stop. Think. Connect.” page at https://www.dhs.gov/stopthinkconnect.